manifests/server/base.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

# manage the common things of
# a mysql server
class mysql::server::base {
  package {'mysql-server':
    ensure => present,
  }
  file { 'mysql_main_cnf':
    path    => '/etc/mysql/my.cnf',
    source  => [
      "puppet:///modules/site_mysql/${::fqdn}/my.cnf",
      "puppet:///modules/site_mysql/my.cnf.${::operatingsystem}.${::operatingsystemmajrelease}",
      "puppet:///modules/site_mysql/my.cnf.${::operatingsystem}",
      'puppet:///modules/site_mysql/my.cnf',
      "puppet:///modules/mysql/config/my.cnf.${::operatingsystem}.${::operatingsystemmajrelease}",
      "puppet:///modules/mysql/config/my.cnf.${::operatingsystem}",
      'puppet:///modules/mysql/config/my.cnf'
    ],
    require => Package['mysql-server'],
    notify  => Service['mysql'],
    owner   => root,
    group   => 0,
    mode    => '0644';
  }

  file {
    'mysql_data_dir':
      ensure  => directory,
      path    => '/var/lib/mysql/data',
      require => Package['mysql-server'],
      before  => File['mysql_main_cnf'],
      owner   => mysql,
      group   => mysql,
      mode    => '0755';
    'mysql_setmysqlpass.sh':
      path    => '/usr/local/sbin/setmysqlpass.sh',
      source  => "puppet:///modules/mysql/scripts/${::operatingsystem}/setmysqlpass.sh",
      require => Package['mysql-server'],
      owner   => root,
      group   => 0,
      mode    => '0500';
    'mysql_root_cnf':
      path    => '/root/.my.cnf',
      content => template('mysql/root/my.cnf.erb'),
      require => [ Package['mysql-server'] ],
      notify  => Exec['mysql_set_rootpw'],
      owner   => root,
      group   => 0,
      mode    => '0400';
  }

  exec { 'mysql_set_rootpw':
    command     => '/usr/local/sbin/setmysqlpass.sh',
    require     => [ File['mysql_setmysqlpass.sh'], Service['mysql'] ],
    # this is for security so that we only change the password
    # if the password file itself has changed
    refreshonly => true,
  }

  if $mysql::server::backup_cron {
    include mysql::server::cron::backup
    include mysql::server::backup_helpers
  }

  if $mysql::server::optimize_cron {
    include mysql::server::cron::optimize
  }

  service { 'mysql':
    ensure    => running,
    enable    => true,
    hasstatus => true,
    require   => Package['mysql-server'],
  }

  if str2bool($::mysql_exists) {
    include mysql::server::account_security

    # Collect all databases and users
    Mysql_database<<| tag == "mysql_${::fqdn}" |>>
    Mysql_user<<| tag == "mysql_${::fqdn}"  |>>
    Mysql_grant<<| tag == "mysql_${::fqdn}" |>>
  }
}